pymongo.errors.ServerSelectionTimeoutError: No replica set members match selector "Primary()"

398 views
Skip to first unread message

Ravi pithadiya

unread,
Dec 3, 2019, 7:06:19 AM12/3/19
to mongodb-user
MongoDB V3.6.15

Replica Set: (1 Master, 1 Secondary, 1 Arbiter) on Azure.

I am able to connect to the replica set from the same Resource Group. but, not able to connect to Replica set from the external network. getting the following error.

pymongo.errors.ServerSelectionTimeoutError: No replica set members match selector "Primary()"

Please help.

Thanks,

Kevin Adistambha

unread,
Dec 9, 2019, 12:01:42 AM12/9/19
to mongodb-user

Hi,

The message No replica set members match selector "Primary()" typically means that the app cannot connect to the primary node of the replica set. There can be various reason why, the most common being:

  • The app’s IP is not whitelisted in the server’s firewall
  • There is actually no primary in the replica set

Please check if the output of rs.status() shows a node with the PRIMARY status to ensure that the set has a primary. If yes, please double check if the app’s IP is allowed to connect to the database. If both are ok, please post the full error message from the app and also the corresponding mongod logs during this period.

Best regards,
Kevin

Ravi pithadiya

unread,
Dec 9, 2019, 12:40:21 AM12/9/19
to mongod...@googlegroups.com
Hi Kevin,

Thanks for the reply.

I have executed the command rs.status and it shows primary on one of the node also have attached the response with the mail. also, have check the internal communication from one node to the others and working as expected. I have taken reference to the following link to test connection https://docs.mongodb.com/v3.6/tutorial/troubleshoot-replica-sets/#replica-set-troubleshooting-check-connection.

i have also attached the logs for the mongodb instances we have tin replica set.

Thanks & Regards,
{ name     :  ravi pithadiya | principal engineer,
  phone    :  8401253847,
  linkedin  :  ravi pithadiya,
  skype     :  ravi.pithadiya }


--
You received this message because you are subscribed to the Google Groups "mongodb-user"
group.
 
For other MongoDB technical support options, see: https://docs.mongodb.com/manual/support/
---
You received this message because you are subscribed to the Google Groups "mongodb-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mongodb-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/mongodb-user/9fe04f75-6ae5-4997-b363-28bd19352197%40googlegroups.com.
mongodlogs.zip

Kevin Adistambha

unread,
Dec 9, 2019, 10:44:47 PM12/9/19
to mongodb-user

Hi,

So when you see the error No replica set members match selector "Primary()", what was the output of rs.status() during that time?

Unfortunately the logs you attached contains 5 days worth of logs, and I can’t tell the state of your replica set when you attempted the connection. Please narrow down the logs to the time period where you’re trying to connect.

However a quick search of the logs showed this:

Member 10.0.8.4:27017 is now in state PRIMARY

Since 10.x.x.x is a private IP address, I think what happened is that you’re trying to connect when that node was primary. Since it’s using a private IP, it’s not accessible from the outside, thus the app said that it cannot find the primary. You might want to reconfig to set to not use private IP and set it to a DNS hostname as per Deploy a replica set.

Best regards,
Kevin

Ravi pithadiya

unread,
Dec 9, 2019, 11:05:06 PM12/9/19
to mongod...@googlegroups.com
Hi Kevin,

Thank for looking into the logs and analysis.

yes, as you said I have added private ip in the hosts file and and the same hosts name I have used while adding node to replica set.

I have one doubt here; as per my knowledge the communication amongst the replica nodes must be happening via private ip's only. it will increase delay if i will add public ip's in the hosts. please correct me if i am wrong.

Thanks & Regards,
{ name     :  ravi pithadiya | principal engineer,
  phone    :  8401253847,
  linkedin  :  ravi pithadiya,
  skype     :  ravi.pithadiya }

--
You received this message because you are subscribed to the Google Groups "mongodb-user"
group.
 
For other MongoDB technical support options, see: https://docs.mongodb.com/manual/support/
---
You received this message because you are subscribed to the Google Groups "mongodb-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mongodb-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/mongodb-user/4ed25733-426d-43bb-9e18-1fc093e22c8d%40googlegroups.com.

Kevin Adistambha

unread,
Dec 10, 2019, 12:32:16 AM12/10/19
to mongodb-user

Hi,

I have one doubt here; as per my knowledge the communication amongst the replica nodes must be happening via private ip’s only.

Actually no. It’s recommended to have DNS reachable addresses. See Deploy a replica set.

This is because the client will need to connect to all members of the replica set to function correctly, so connectivity can be guaranteed when any member of the set is down. That is, all members of the set should be reachable from the client application, not just some members.

Note the keyword that all members must be accessible by the client application. If the client application happens to be inside the same private subnet then you don’t need the replica set nodes to be accessible from the internet. In fact, it’s probably for the best that your database is not accessible from the public internet, for security reasons. See Security checklist for more tips.

it will increase delay if i will add public ip’s in the hosts.

It should have negligible impact if the routing of the network is setup properly. If you’re worried about this, you can add the node’s IPs into /etc/hosts in each node so it doesn’t have to go to a DNS server to lookup the address.

Having a name instead of an IP address in the replica set config would also allow you to swap a server with another without reconfiguring the replica set as it depends only on names and not actual addresses.

Best regards,
Kevin

Sarthak Sawhney

unread,
Dec 10, 2019, 12:39:10 AM12/10/19
to mongodb-user
Just a piece of quick advice, ensure you are connecting to all three members of the replica set. With the replSet connection attribute. 
To connect all three members of replica set you would need the communication to happen via public interfaces.

Ravi pithadiya

unread,
Dec 10, 2019, 2:18:42 AM12/10/19
to mongod...@googlegroups.com
Hi Kevin,

I have one doubt here; as per my knowledge the communication amongst the replica nodes must be happening via private ip’s only.

Actually no. It’s recommended to have DNS reachable addresses. See Deploy a replica set.
This is because the client will need to connect to all members of the replica set to function correctly, so connectivity can be guaranteed when any member of the set is down. That is, all members of the set should be reachable from the client application, not just some members.
Note the keyword that all members must be accessible by the client application. If the client application happens to be inside the same private subnet then you don’t need the replica set nodes to be accessible from the internet. In fact, it’s probably for the best that your database is not accessible from the public internet, for security reasons. See Security checklist for more tips.

Actually, we are having the application and database in the same virtual network. but, we need to access the database from the office network in some cases. 
 

it will increase delay if i will add public ip’s in the hosts.

It should have negligible impact if the routing of the network is setup properly. If you’re worried about this, you can add the node’s IPs into /etc/hosts in each node so it doesn’t have to go to a DNS server to lookup the address.
Having a name instead of an IP address in the replica set config would also allow you to swap a server with another without reconfiguring the replica set as it depends only on names and not actual addresses.


I have added the IPs into the /etc/hosts with the resolvable host. but, have added the private IPs. Should I change the private ip's to public?

Thanks & Regards,
{ name     :  ravi pithadiya | principal engineer,
  phone    :  8401253847,
  linkedin  :  ravi pithadiya,
  skype     :  ravi.pithadiya }

--
You received this message because you are subscribed to the Google Groups "mongodb-user"
group.
 
For other MongoDB technical support options, see: https://docs.mongodb.com/manual/support/
---
You received this message because you are subscribed to the Google Groups "mongodb-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mongodb-user...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/mongodb-user/a301f4a3-9c8c-495c-9a95-33c4bd973b91%40googlegroups.com.

Kevin Adistambha

unread,
Dec 10, 2019, 8:19:06 PM12/10/19
to mongodb-user

Hi,

I have added the IPs into the /etc/hosts with the resolvable host. but, have added the private IPs. Should I change the private ip’s to public?

I cannot advise you regarding should or should not your database accessibility from the public internet, since it will depend on your use case and how exactly you’re planning to use them.

However, I personally would avoid having any database exposed publicly and would utilize private IPs for the database. If I need to connect to them from the internet, I would use a VPN solution.

Best regards,
Kevin

Reply all
Reply to author
Forward
0 new messages